HELSINKI (May 3) -- The fast-spreading ''Sasser'' computer worm has infected hundreds of thousands of PCs globally and the number could soon rise sharply, a top computer security official said on Monday.

''If you take a normal Windows PC and connect to the Internet, you will be infected in 10 minutes (without protection),'' Mikko Hypponen, Anti-Virus Research Director at Finnish data security firm F-Secure, told Reuters.

''It seems to be gradually getting worse, but it could jump as the United States wakes up,'' he said.

F-Secure says the worm, which surfaced at the weekend, automatically spreads via the Internet to computers using the Microsoft Windows operating system, especially Windows 2000 and XP.

The spread of the virus had been muted so far, Hypponen said, as it emerged on a weekend, and holidays closed offices in places like the United Kingdom and Japan on Monday. But the spread was expected to worsen as the working week hits its stride.

''We have already seen three versions of Sasser during the weekend, and we could see more today,'' Hypponen said, adding he believes the worm originated in Russia.

Finnish bancassurer Sampo temporarily closed all of its branch offices, some 130 in all, on Monday as a precaution against Sasser.

In Australia, Westpac Bank said it was hit by the worm, and branches had to use pen and paper to allow them to keep trading, The Australian newspaper reported.

Delta Air Lines suffered a computer glitch on Saturday that caused delays and cancellations of certain flights across its system, but a spokesman said there was no information yet as to the cause.

''With Sasser it seems that companies are (using software) patches better and more quickly than last year (with virus ''Blaster''), but for those that are hit, they are hit hard,'' Hypponen said.

Blaster infected computers around the globe last year.

NO NEED TO CLICK

The current worm does not need to be activated by double-clicking on an attachment, and can strike even if no one is using the PC at the time. When a machine is infected, error messages may appear and the computer may reboot repeatedly.

''Compared to what happened with Blaster ... last August ... this virus has all the same features,'' Hypponen said, noting that both worms exploited relatively new holes in Windows and frequently caused computers to reboot.

Microsoft said Blaster cost it ''millions of dollars of damages,'' and has issued a $250,000 bounty for information on the whereabouts of its author.

F-Secure said corporate networks should be protected against Sasser and its variants by firewalls -- Internet road blocks that separate internal from public networks.

F-Secure said the worm emerged 18 days after Microsoft posted a corrective-code software patch on its Web site. This continues a common pattern with viruses whereby firms announce flaws in their software and hackers race to exploit them.

For home computer users, people should make sure they have downloaded the patch from Microsoft to fix the breach. If their computer is infected, must first be downloaded before the virus is removed or else the PC could catch the worm again.

Hypponen said he was not sure there was a better way for firms to alert users to software problems.

''There are always going to be security holes in mainstream products,'' he said. ''Even if these are not made public, the bad boys will find out about them anyway.''

wow. that is pretty hardcore. a number of people have been hit by some virus in the past week at my school - a good friend of mine seems to be among them. the symptoms his computer was showing sound a lot like the ones listed here (what with the restarting and the errors and all). we could not figure it out (and he could not update virus definitions), so he spent the morning wiping his HD and starting over with everything. at least he had good backups. oh well, he needed to do it anyway, the system was getting wonky.

The one thing that seems to happen with every recent major virus outbreak is the either the inability to get online, or the inability to check my mail. So far, since Sasser has been set loose, neither has happened....(waiting)

Comic relief:
WTH? I just got disconnected... oh, right, I have my connection set to terminate after 4 minutes of inactivity.

you know what id like to do when they track the guy who sent the virus to begin with. i want to use my Mac right in front of him and about every 94-99 seconds do my condescending voice and go "ha ha ha ha ha ha, game over, try again". however, i might also want to cut off both of his opposable thumbs because the computers we use at work are windows based and i might have to give him a nice schalacking.

Every single PC at my Highschool is infected, and its next to impossible to get any work done. We have to do a weather thing on the computers in Earth Sciences, and its pretty much impossible. Its sooo annoying. But, thankfully, we also have some macs in other rooms, so my life remains good

Anyway has anyone or does anyone know how to rid your system of it? I have 3 PCs (that's PC not pc) connected on my LAN, and all are running Win 2K. I have'nt seen any signs yet but would like to know what to do in case.

Anyway has anyone or does anyone know how to rid your system of it? I have 3 PCs (that's PC not pc) connected on my LAN, and all are running Win 2K. I have'nt seen any signs yet but would like to know what to do in case.

Click to expand...

Wasn't the last one fixed by downloading the fix using a Macintosh and then, transferring the fix to the affected PCs? At least one has been able to be handled that way.

Of course, no one ever updates, just like in the RPC case, and people are screwed over, again.

It is with a certain irony that M$ has managed everytime to get patches out for these BEFORE they hit (sometimes several weeks like with RPC and Blaster last summer), and yet the viruses still strike well anyway (e.g. corporate offices).

Makes me appreciate my mac even more....
In the words of Rincewind the wizzard: It could have been worse. It could have been me.

Click to expand...

Yea, it was me today. Two machines that are running a simulator at that I work on contracted the damn virus and so I spent 2 hours getting nothing done. I get to clean up the mess tomorrow. All I have to say is that I'm damn glad that when I get home I don't have to deal with crap like this.

Well, this would certainly explain all the weird behavior of the school E-mail server.

Click to expand...

We took the proactive step in my district's IT department and heeded the call weeks ago to apply the patching. Imagine - a school district IT Department being proactive! Will we get kudo's? Will we be thanked? Will people notice? Nope...only if the you-know-what hits the fan - only THEN do we hear about it! *sigh*

Two new variations of Sasser--Sasser.C and Sasser.D--started spreading Monday. Like the original and the Sasser.B variant, the new worms take advantage of a vulnerability in unpatched versions of Windows XP and Windows 2000 systems. The worms infect vulnerable systems by establishing a remote connection to the targeted computer, installing an FTP (File Transfer Protocol) server and then downloading themselves to the new host. Unlike mass-mailing computer viruses--such as MyDoom and Sobig--Sasser does not spread from computer to computer through e-mail.

MacRumors attracts a broad audience
of both consumers and professionals interested in
the latest technologies and products. We also boast an active community focused on
purchasing decisions and technical aspects of the iPhone, iPod, iPad, and Mac platforms.